An Overview of the Network File System Protocol

So NFS is a distributed file system protocol that was developed way back in 1984 by Sun Microsystems, but today it’s considered an open standard which means anyone can use it, and anyone could develop for it.

So there have been a few different versions of NFS over the years, there have been many meaningful upgrades to the protocol, and one of those which should be pretty eye-opening of how long it’s been around was the upgrade to using the TCP/IP protocol. So NFS version 3 was released to the public in 1995, and that version is still in use today, albeit with many upgrades and additions since then. And so NFS was built with the goal in mind to allow one computer to access the files located on another. While this is a simple concept in theory, the ability to mount a remote file system as if it is local to your machine is an extremely helpful tool, and is the main differentiator from something like FTP, which is used to transfer files over the network.

The latest version of NFS is NFS version 4, and it offers many upgrades in performance and security, such as the addition of LDAP and Kerberos. Another important upgrade was the introduction of a stateful protocol, where up until then, NFS had always been stateless, meaning the server stores no per-client information. This forces the client to have to write through immediately, which could cause issues with consistency if multiple clients are accessing the same directory and the same file. Whereas with NFS version 4, the server maintains a state of all open files and the server can then issue calls to the clients for the sake of consistency.

So next what I thought we would do is show you how to set up your very own NFS server, then create a directory that we would then share out and mount to a client system. So this should get you started on your path to learning NFS and testing out any different use cases that may be unique for you.

So let’s head on over my desk now, and I’ll start the tutorial. Alright, so the goal for today’s mini tutorial isn’t really to have an in-depth NFS guide, but instead to show you how to get an NFS server up and running, show you the proper syntax, and also show you how to mount a basic NFS share on your client machine to get you started on the road to learning these things a little more in-depth. So we’re also going to touch briefly on some extras that need to be kept in mind when working with NFS, such as permissions and firewalls.

Alright, so let’s get started. So one thing to note before we begin, I’m running CentOS 7.7, and the commands may differ slightly for you if you are on a different flavor of Linux. For example, yum is how we install in CentOS and it’s going to be different depending on your distribution.

Okay, so let’s begin. So, on the server-side what we’re going to do is we’re going to start by installing NFS. So we’re going to install NFS, NFS utilities, and NFS secure. Alright, so the next step is we’re gonna start our NFS server and then we’re going to enable it to ensure that it’s going to run every time you restart the machine. Okay, so the next step is we’re going to make a directory for our shares that we’re going to be exporting to our NFS clients.

So our next step is we’re going to come in to our exports file, and from here we’re going to set the share export permissions that we want to run. So, for this instance, we’ve just created share1, so we’re going to add a “/NFS/exports/share1”. And then here you can set a few different things; for this instance we’re going to use * and “rw”. Now the * instance indicates that this can be run on any network on any IP, so obviously this isn’t ideal, but this guide is just to give you a general understanding and an easy way to set up a nice fast NFS server, so if you want a specific IP address that this goes to you would enter it right here: 168, etc, or whatever your network is, and then you would set that to lock it down. and if it’s a 192.168.10 network, you would just leave the * at the last octet and that would give you access to that entire subnet.

Ok, so, that gives us everything we need for this instance and that gives us readwrite, so let’s save and quit. So the next command we’re gonna run is an “exportfs”, and we’re going to have “-rv”, and this essentially allows us to sync our exports and also be a verbose output. There we go, as you see we’re exporting our NFS share1.

Alright, so the next step we’re going to do before we go any further is to allow the NFS service to run on the firewall. So the firewall is going to allow the data that flows over the port that NFS runs on through the firewall. So “firewall-cmd –add-service=nfs”, and then to make it be permanent so it stays no matter how many times you reboot your machine-there you go. Now we’re gonna restart our firewall; great.

Alright, so the next thing I’m going to do is I’m going to set the permissions and I’m going to set the group owner for the share that we created, and this can be done many different ways, and again this is just a very general overview so I’m going to have anyone be able to access this share. But again, this is a great point for you to research if this is something you’re interested in, and see how the different permissions and the different groups affect the share. So first and foremost, we’ll run a “chmod -R 755” on our newly created share. And now we’re going to change the group with a “chown”. Alright, great, so that’s everything we needed on the server side for now, now we can jump over and set up the client. So now that we’re on the client side, it’s best to install the NFS package that you’re going to need; so we’ll run a “yum install nfs-utils”, “-y” for yes. Great, so now we have the packages Installed.

So, the next step for us is to make a directory for where we’re going to mount this share. So, to keep it in line with the syntax that we used on the server, let’s just keep it simple. So we’ll make a directory “/nfs/imports” this time “/share1”. Okay, now it’s time to try to mount this NFS share on this machine, so let’s run a mount. As you can see I made a small syntax error on my command; instead of “nfs/exports”, I just did “fs/exports”, and obviously it’s going to fail because it doesn’t know anything about “/fs/exports”, so, let’s fix that.

Alright, there we go, and let’s take a look and see if our NFS is mounted. And there we go, as we look, we have our IP address of our NFS server, and we have “/exports/share1”, and it’s now saved or mounted on our “imports-share1”. So, now we can move in to our mounted filesystem, or mounted NFS share, and we can create our files. There we go.

Alright, so the final thing we’re going to touch on before we wrap up here, is to make sure that this share is going to remain mounted no matter how many times we restart our machine, so in order to do this, we’re going to move into our FS tab. As you can see, there’s some things that are already mounted. These are our boot drives, partitions that we need to run our Linux machine, so we’re gonna add one more. So, we’re going to come in and we’re going to type the IP again.

Alright, so one final thing to note that you see here that you don’t see any other mount points, is the addition of netdev on our NFS share. Essentially what that does, is it allows Linux to know when it’s starting up to wait for our network interfaces to be up and running before we try to mount that NFS share. This actually just lets them know not to start that until net devices are up. Now if you don’t add this netdev edition, essentially what you run the risk of happening is for your Linux to hang on startup. If it tries to mount that share before the network interfaces are up, it may hang for quite a while, so it’s safe to just put this in your fstab for your mount point. Great, so, once we’re done that, we’re going to save and quit.

So there you go guys, that was a very brief mini tutorial on how to setup an NFS server and how to mount a NFS share on a client machine. Obviously this is very, very surface level, but it will get you started on your learning and you can start digging into some of the things that I’ve talked about here and some of the different things you would want to change in order to lock it down and keep it more secure. So that was a brief overview on NFS, and then a little tutorial on how to get it up and running for yourself.

So you guys should stay tuned because we’re gonna be doing the same thing with SMB, maybe some other protocols as well in the near future. Alright, well thanks for watching guys, hopefully you found some of this helpful, and as always, if you have any suggestions or ideas for videos in the future, please leave it in the comments down below, we’ll see you next week.